Ubuntu 5.10 / 6.06 LTS / 6.10 : xorg, xorg-server vulnerabilities (USN-403-1)

The DBE and Render extensions in X.org were vulnerable to integer overflows, which could lead to memory overwrites. An authenticated user could make a specially crafted request and execute arbitrary code with root privileges. Note that Tenable Network Security has extracted the preceding...

Ubuntu 5.04 / 5.10 / 6.06 LTS : libxfont, xorg vulnerabilities (USN-344-1)

iDefense security researchers found several integer overflows in X.org's font handling library. By using a specially crafted Type1 CID font file, a local user could exploit these to crash the X server or execute arbitrary code with root privileges. Note that Tenable Network Security has extracted...

Ubuntu 5.10 / 6.06 LTS / 6.10 : libwpd vulnerability (USN-437-1)

Sean Larsson of iDefense Labs discovered that libwpd was vulnerable to integer overflows. If a user were tricked into opening a specially crafted WordPerfect document with an application that used libwpd, an attacker could execute arbitrary code with user privileges. Note that Tenable Network...

Ubuntu 5.04 / 5.10 / 6.06 LTS : freetype vulnerabilities (USN-291-1)

Several integer overflows have been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user. Note that Tenable Network Security has extracted the...

CVE-2007-4766

Multiple integer overflows in Perl-Compatible Regular Expression PCRE library before 7.3 allow context-dependent attackers to cause a denial of service crash or execute arbitrary code via unspecified escape backslash sequences...

CVE-2007-4766

Multiple integer overflows in Perl-Compatible Regular Expression PCRE library before 7.3 allow context-dependent attackers to cause a denial of service crash or execute arbitrary code via unspecified escape backslash sequences...

CVE-2007-4766

CVE-2007-4766 concerns the PCRE library: multiple integer overflows in PCRE before 7.3 can be exploited via certain backslash escape sequences to cause a denial of service (crash) or arbitrary code execution. Affected component: PCRE. Remediation: update to PCRE 7.3 or later (or apply vendor-supp...

CVE-2007-4766

Multiple integer overflows in Perl-Compatible Regular Expression PCRE library before 7.3 allow context-dependent attackers to cause a denial of service crash or execute arbitrary code via unspecified escape backslash sequences...

Python: User-assisted execution of arbitrary code

Background Python is an interpreted, interactive, object-oriented programming language. Description Slythers Bro discovered multiple integer overflows in the imageop module, one of them in the tovideo method, in various locations in files imageop.c, rbgimgmodule.c, and also in other files. Impact...

Fedora 7 : python-2.5-14.fc7 (2007-2663)

This update fixes: Multiple integer overflows in the imageop module 295971 Also included are a dependency fix on binutils 307221, so the ctypes module works, and a tkinter fix when dealing with zero length text in some widgets 281751. Note that Tenable Network Security has extracted the preceding...

Debian DSA-1399-1 : pcre3 - several vulnerabilities

Tavis Ormandy of the Google Security Team has discovered several security issues in PCRE, the Perl-Compatible Regular Expression library, which potentially allow attackers to execute arbitrary code by compiling specially crafted regular expressions. Version 7.0 of the PCRE library featured a majo...

openSUSE 10 Security Update : ImageMagick (ImageMagick-4543)

This update of ImageMagick fixes several vulnerabilities. - CVE-2007-4985: infinite loop while parsing images - CVE-2007-4986: integer overflows that can lead to code execution - CVE-2007-4987: one-byte buffer overflow that can lead to code execution SLES8- and SLES9-based products are not affect...

openSUSE 10 Security Update : flac (flac-4571)

Multiple integer overflows in flac could potentially be exploited by attackers via specially crafted files to execute code in the context of the user opening the file CVE-2007-4619. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

ImageMagick: Multiple vulnerabilities

Background ImageMagick is a collection of tools and libraries for manipulating various image formats. Description regenrecht reported multiple infinite loops in functions ReadDCMImage and ReadXCFImage CVE-2007-4985, multiple integer overflows when handling certain types of images CVE-2007-4986,...

openSUSE 10 Security Update : NX (NX-4555)

The XFree code contained in NX was prone to integer overflows CVE-2006-1861 and insufficiently protected against specially crafted PCF files CVE-2006-3467. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

openSUSE 10 Security Update : imlib2-loaders (imlib2-loaders-2265)

Various security problems have been fixed in the imlib2 image loaders : CVE-2006-4809: A stack-based buffer overflow in loaderpnm.c could be used by attackers to execute code by supplying a handcrafted PNM image. CVE-2006-4808: A heap buffer overflow in loadertga.c could potentially be used by...

openSUSE 10 Security Update : qt3 (qt3-2189)

Multiple integer overflows have been found in image processing functions within the QT library. These could potentially lead to heap overflows and code execution. CVE-2006-4811 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...

openSUSE 10 Security Update : gimp (gimp-3995)

Multiple gimp import filters contained integer overflows. Attackers could exploit that to potentially execute code by tricking users into opening specially crafted files CVE-2006-4519. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3978)

This update fixes multiple bugs in php : - predictable generaton of an initialization vector IV in the mcrypt extension - additional cookie attributes could be injected via a session id - specially crafted files could cause integer overflows in gd and leverage them to at least crash gd based...

openSUSE 10 Security Update : xorg-x11-server (xorg-x11-server-3082)

Integer overflows in the XC-MISC extension of the X-server could potentially be exploited to execute code with root privileges CVE-2007-1003. Integer overflows in libX11 could cause crashes CVE-2007-1667. Integer overflows in the font handling of the X-server could potentially be exploited to...